1. Field
The present invention relates to a user authentication method, a user authentication device, and a program product.
2. Description of the Related Art
In accessing a resource such as a computer, or the like, a service, and the like, in some cases a user's privilege needs to be authenticated. For this purpose, various authenticating devices that specify a user individual or a group are known. Most of these devices are provided based on cryptographic technology, so that inevitably these devices are based upon a fact that an authenticated user (or group) alone possesses secret information that only the user can know. Normally the secret information is binary data that is long enough not to be guessed by an illegal user, and is not suitable for the human remembrance. Therefore, the secret information is stored in a hard disk of a computer, or a memory device such as an IC card, or the like. In order to enhance security, the secret information may be stored in combination with a password that the user can remember.
In this manner, when by any chance the user has lost the IC card in which the secret information is stored, or the secret information has been lost unexpectedly because of any trouble of the hard disk, or the user has forgotten the password used to encrypt the secret information, the authenticating device that is based upon the fact that the user possesses any secret information is not able to authenticate the user. As a result, it is necessary to give relief to the user by any approach.
Conventionally, such a method is widely utilized that the user registers a “secret password” in advance and then the user is caused to input the password in authenticating the user. For example, a mother's maiden name of the user, a name of the pet that the user keeps, or the like is registered in advance on the authenticating side as a “secret password” and, in authenticating the user, the user who guesses the “secret password” exactly is authorized.
However, a third person can guess the secret information easily or try several possibilities of the secret information repeatedly, or investigate the secret information by examining a family register of the user. Therefore, according to the above authentication method, it is never difficult for the third person to get illegally the authorization.
When the “secret password” is set to a very complicated meaningless password such that the third person cannot guess such password, such complicated password enhances the possibility that the user forgets it. Thus, such complicated password is not practical.
In order to prevent this problem, such a method may be considered that a lot of simple “secret passwords” that the user does not forget should be registered. In such case, a lot of “secret passwords” that only the user can know are disclosed for registering. Particularly, when such method is applied to the on-line service, a lot of “secret passwords” are disclosed to the authenticating side. This causes leakage of user's privacy information because the “secret password” often contains the user's privacy information.
In addition, when a plurality of on-line service providers (abbreviated as “sites” hereinafter) for making password recovery by such method (on the authenticating side) are set up, not only the problem that the user's privacy leaks out to here and there arises, but also the “secret password” is authenticated illegally at all sites that the user uses when the “secret password” has leaked from one site due to the server's cracking, the administrator's illegal action, or the like. Typically, when a site of an on-line game is cracked, money is drew out from the user's bank account as another site. Because of these circumstances, the user cannot register the own “secret password” without anxiety.
JP-A 11-215117 (KOKAI) discloses a method of preventing leakage of the “secret password”. In this method, the secret information such as a mother's maiden name, or the like is encoded into a code, and then secret keys are encrypted by using the resultant code as a key. These encrypted secret keys are encrypted again by an asymmetric cryptosystem while using a public key of the authentication agent, and then the result is stored as a key recovering file. Thus, the user can restore the secret keys from the secret information such as a mother's maiden name, or the like even though the user lost the secret keys. This method possesses such an advantage that the secret keys can be restored without disclosing the secret information such as a mother's maiden name, or the like. However, the problem in which a third person can be authenticated illegally by guessing a simple “secret password” cannot be solved yet. In order not to allow the illegal key recovery, the reliable authentication agent that possesses the secret keys used in the asymmetric cryptosystem have to authenticate the user. Therefore, this system does not merely respond to the request such that the proper authenticating side (site) authenticates the user.
As described above, in the conventional user authentication method using the “secret password”, it is fear that the secret password is easily guessed, the user has to memorize many secret passwords, leakage of the user's information is caused because the service provider has to be informed of the privacy information, a service provided from another site is accessed illegally based on the secret password leaked from a certain site, and the like.